EP2509367B1 - Configuration d'une station mobile selon le type de déploiement de réseau local sans fil - Google Patents

Configuration d'une station mobile selon le type de déploiement de réseau local sans fil Download PDF

Info

Publication number
EP2509367B1
EP2509367B1 EP11161792.4A EP11161792A EP2509367B1 EP 2509367 B1 EP2509367 B1 EP 2509367B1 EP 11161792 A EP11161792 A EP 11161792A EP 2509367 B1 EP2509367 B1 EP 2509367B1
Authority
EP
European Patent Office
Prior art keywords
mobile station
access point
target
wlan deployment
type
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
EP11161792.4A
Other languages
German (de)
English (en)
Other versions
EP2509367A1 (fr
Inventor
Ion Barbu
Krishna Kumar Bakthavathsalu
Ahmad Mohammad Mohammad Kholaif
Nayef Fawaz Mendahawi
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
BlackBerry Ltd
Original Assignee
BlackBerry Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by BlackBerry Ltd filed Critical BlackBerry Ltd
Priority to EP11161792.4A priority Critical patent/EP2509367B1/fr
Priority to EP15200114.5A priority patent/EP3018940B1/fr
Publication of EP2509367A1 publication Critical patent/EP2509367A1/fr
Application granted granted Critical
Publication of EP2509367B1 publication Critical patent/EP2509367B1/fr
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/16Discovering, processing access restriction or access information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/18Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
    • H04W8/183Processing at user equipment or user record carrier

Definitions

  • the technology described in this document generally relates to wireless local area networks.
  • a WLAN is identified by its network name, which in IEEE 802.11 is known as a service-set identifier (SSID).
  • An infrastructure basic service set (BSS) is defined in IEEE 802.11 as a single AP together with all its associated mobile stations, and is uniquely identified by its basic service-set identifier (BSSID). Since an AP is uniquely identified by its MAC address, the MAC address of the AP is typically used as the BSSID.
  • BSSs may be connected to one another via networks denoted distribution systems (DS). Multiple DSs may be interconnected by routing devices.
  • a subnetwork is a portion of a network that shares a common address component and operates at Layers 1 and 2 (physical and data link) of the OSI (Open System Interconnection) reference model.
  • ESS Extended Service Set
  • ESSID extended service set identifier
  • the mobile station In order to enable a mobile station to be truly mobile, the mobile station is typically powered by a battery. Power consumption and battery drain are issues of concern.
  • US 2009/0022076 discloses a wireless communications device that, in the presence of WiFi networks, may operate as a STA (mobile device with WLAN access).
  • the STA includes a Connection Manager (CM) module to handle the connectivity of the wireless communications device to the WLAN.
  • the CM module provides the STA with the ability to query for network details that are stored as WLAN configuration information.
  • the configuration information may be stored in a standalone server that is remotely located, or alternatively, the configuration information may be stored in a component running on the WLAN AP. Thus, the stored configuration information is used to identify access details of the target WLAN to facilitate connectivity.
  • the configuration information is arranged to provide specifics on the type of network, i.e. network/public/enterprise/private access and may be provided to users and to upper layer applications in the system.
  • the configuration information also provides information as to whether the access is free, fee based, and the cost associated in providing access.
  • the WLAN network characteristics information may be queried by the STA as needed.
  • the STA is allowed to request and receive packet information that details WLAN network type and enrolment information prior to association with the WLAN.
  • WO 2008/061347 describes the user interface of a wireless local area network (WLAN) connection setup application and the user interface of a WLAN profile management application, both on a handheld device equipped with a WLAN wireless communication interface for connecting to Wi-Fi networks.
  • the device may identify the security configurations of the available WLANs from the scan results. For example, the device may identify whether the security configuration of the WLAN is none, Wired Equivalent Privacy (WEP), PSK (also known as “WPA-Personal”) or IEEE 802.1X (also known as "WPA-Enterprise”).
  • WEP Wired Equivalent Privacy
  • PSK also known as "WPA-Personal”
  • IEEE 802.1X also known as "WPA-Enterprise”
  • Each available wireless local area network for which a connection profile is not saved in the device appears in the list of available WLANs with a description of its security requirements (e.g. "No Security”, “Security: WEP”, “Security: WPA-Personal”, “Security: W
  • a mobile station selects an access point from results of a discovery scan for a connection attempt.
  • the mobile station determines whether the access point belongs to a corporate/enterprise-type wireless local area network (WLAN) deployment or to a small office / home office (SOHO)-type WLAN deployment. Where the access point is determined to belong to a corporate/enterprise-type WLAN deployment, the mobile station configures itself the mobile station in a first configuration. Where the access point is determined to belong to a SOHO-type WLAN deployment, the mobile station configures itself in a second configuration that differs from the first configuration.
  • WLAN wireless local area network
  • SOHO small office / home office
  • Configuring the mobile station in the first configuration may include disabling roaming scans.
  • Configuring the mobile station in the second configuration may include enabling roaming scans.
  • Configuring the mobile station in the first configuration may include configuring the mobile station to react to failure of an attempt to connect to the access point by banning a connection profile stored in the mobile station that matches the access point, or by reducing a priority of the connection profile.
  • Configuring the mobile station in the second configuration may include configuring the mobile station to react to failure of an attempt to connect to the access point by banning the access point, or by suppressing the access point.
  • Configuring the mobile station in the first configuration may include configuring the mobile station to react to receipt of a decryption error message from the access point by banning a connection profile stored in the mobile station that matches the access point, or by reducing a priority of the connection profile.
  • Configuring the mobile station in the second configuration may include configuring the mobile station to react to receipt of a decryption error message from the access point by banning the access point, or by suppressing the access point.
  • Fig. 1-1 is an illustration of an example single-access point (AP) wireless local area network (WLAN) deployment;
  • AP single-access point
  • WLAN wireless local area network
  • Fig. 1-2 is an illustration of an example multiple-AP WLAN deployment, where each access point (AP) is configured separately from the other access points in the WLAN deployment, and where each AP comprises its own dynamic host configuration protocol (DHCP) server;
  • AP access point
  • DHCP dynamic host configuration protocol
  • Fig. 1-3 is an illustration of another example multiple-AP WLAN deployment, where each AP is configured by a central controller, and where one or more centralized or distributed DHCP servers are coupled to the multiple APs in the WLAN deployment;
  • Fig. 2 is a flowchart illustrating an example method to be performed by a mobile station for joining a BSS
  • Fig. 3 is a flowchart illustrating an example method to be performed by a mobile station for determining a type of WLAN deployment and configuring the mobile station according to the type of WLAN deployment;
  • FIGS. 4-1 , 4-2 , 4-3 , 4-4 , 4-5 , 4-6 , 4-7 , 4-8 and 4-9 are flowcharts illustrating different example methods to be performed by a mobile station for determining a type of WLAN deployment;
  • Fig. 5 is a flowchart illustrating an example method to be performed by a mobile station for configuring the mobile station according to the type of WLAN deployment;
  • Fig. 6 is a flowchart illustrating another example method to be performed by a mobile station for configuring the mobile station according to the type of WLAN deployment;
  • Fig. 7 is a flowchart illustrating another example method to be performed by a mobile station for configuring the mobile station according to the type of WLAN deployment;
  • Fig. 8 is a flowchart illustrating another example method to be performed by a mobile station for configuring the mobile station according to the type of WLAN deployment;
  • Fig. 9 is a flowchart illustrating an example method to be performed by a mobile station for banning a connection profile
  • Fig. 10 is an illustration of an example screenshot listing connection profiles stored in a mobile station, in which a temporarily banned connection profile is identified by a visual indication;
  • Fig. 11 is a flowchart illustrating an example method to be performed by a mobile station for un-banning a connection profile
  • Figs. 11-1, 11-2, 11-3 and 11-4 are flowcharts illustrating specific example methods to be performed by a mobile station for un-banning one or more connection profiles;
  • Fig. 12 is a flowchart illustrating an example of a method for active scanning that takes into account whether a profile is banned, the method to be performed by a mobile station;
  • Fig. 13 is a flowchart illustrating an example of a method for passive scanning in the situation where at least one profile is banned, the method to be performed by a mobile station;
  • Fig. 14 is a flowchart illustrating another example of a method for passive scanning in the situation where at least one profile is banned, the method to be performed by a mobile station;
  • Fig. 15 is a flowchart illustrating an example method to be performed by a mobile station for banning a target access point
  • Figs. 16-1, 16-2 and 16-3 are illustrations of example screenshots displayed at a mobile station
  • Fig. 17-1 and 17-2 are flowcharts illustrating example methods to be performed by a mobile station for un-banning one or more access points
  • Fig. 18 is a flowchart illustrating an example of a method for active scanning that takes into account whether an access point is banned, the method to be performed by a mobile station;
  • Fig. 19 is a flowchart illustrating an example of a method for passive scanning that takes into account whether an access point is banned, the method to be performed by a mobile station;
  • Fig. 20 is a flowchart illustrating an example method to be performed by a mobile station for suppressing a target access point
  • Fig. 21 is a flowchart illustrating an example method to be performed by a mobile station for un-suppressing an access point
  • Figs. 21-1, 21-2 and 21-3 are flowcharts illustrating specific example methods to be performed by a mobile station for un-suppressing one or more access points;
  • Fig. 22 is a flowchart illustrating an example of a method for active scanning that takes into account whether an access point is suppressed, the method to be performed by a mobile station;
  • Fig. 23 is a flowchart illustrating an example of a method for passive scanning that takes into account whether an access point is suppressed, the method to be performed by a mobile station;
  • Fig. 24 is a flowchart illustrating an example method to be performed by a mobile station for suppressing or banning a target access point according to a number of times the authentication process has failed for the target access point;
  • Fig. 25 is a flowchart illustrating an example of a method for active scanning that takes into account whether an access point is suppressed or banned, the method to be performed by a mobile station;
  • Fig. 26 is a flowchart illustrating an example of a method for passive scanning that takes into account whether an access point is suppressed or banned, the method to be performed by a mobile station;
  • Fig. 27 is a functional block diagram illustration of an example mobile station.
  • SOHO-type WLAN deployment is used to refer to a WLAN deployment that is not expected to support seamless roaming, because the WLAN deployment involves either a single access point or multiple access points that are not served by a common dynamic host configuration protocol (DHCP) server.
  • DHCP dynamic host configuration protocol
  • a SOHO-type WLAN deployment is not necessarily found in a small office or home office. For example, a hotspot WLAN deployment in a coffee shop may be a SOHO-type WLAN deployment, even though the coffee shop is neither a small office nor a home office.
  • corporate/enterprise-type WLAN deployment is used to refer to a WLAN deployment supported by multiple access points that is expected to support seamless roaming among the multiple access points, because the multiple access points are served by a common DHCP server.
  • a corporate/enterprise-type WLAN deployment is not necessarily found in a corporate environment or in a large enterprise. For example, a sophisticated home user may set up a corporate/enterprise-type WLAN deployment. In another example, a corporate/enterprise-type WLAN deployment may be found in a hotel.
  • Figs. 1-1 , 1-2 and 1-3 are illustrations of different WLAN deployments.
  • An example single-AP SOHO-type WLAN deployment is illustrated in Fig. 1-1 .
  • An example multiple-AP SOHO-type WLAN deployment is illustrated in Fig. 1-2 .
  • An example corporate/enterprise-type WLAN deployment is illustrated in Fig. 1-3 .
  • FIG. 1-1 is an illustration of an example single-AP WLAN deployment. Coverage areas of APs are illustrated in Fig. 1-1 by dashed circles.
  • a single AP 102 supports a WLAN and is connected, directly or indirectly, to an external network 104 (for example, the Internet).
  • a mobile station 106 within communication range of AP 102 may identify AP 102 during a discovery scan for available WLANs.
  • mobile station 106 is within communication range of another AP 108, and AP 108 is also identified in the results of the discovery scan. Because AP 102 provides a single-AP WLAN deployment, the WLAN supported by AP 108 is different from the WLAN supported by AP 102.
  • AP 102 and AP 108 may differ in one or more of the following respects: a vendor identifiable from a MAC address of the access point, a network name also known as an SSID, a security type, credentials for the security type.
  • AP 102 may optionally comprise a DHCP server to provide associated mobile stations with a dynamic IP address.
  • the example single-AP WLAN deployment illustrated in Fig. 1-1 is not able to support seamless roaming, and is therefore an example of a SOHO-type WLAN deployment.
  • AP 102 may provide a single-AP WLAN deployment in a home with the SSID “@Home” and the security type "PSK”
  • AP 108 may provide a single-AP WLAN deployment in a neighboring home with the SSID “D-Link” and the security type “Open System”.
  • AP 102 may provide a single-AP WLAN deployment in a home with the SSID “D-Link” and the security type “WEP” and the password "123456”
  • AP 108 may provide a single-AP WLAN deployment in a neighboring home with the SSID "D-Link” and the security type “WEP” and the password "homeoffice”.
  • AP 102 may provide a single-AP WLAN hotspot deployment in a coffee shop with the SSID "CoffeeShop” and the security type "WEP” and the password "guest”.
  • Fig. 1-2 is an illustration of an example multiple-AP WLAN deployment, where each AP is configured separately from the other access points in the WLAN deployment, and where each AP comprises its own DHCP server. Coverage areas of APs are illustrated in Fig. 1-2 by dashed circles.
  • AP 110 and AP 112 jointly support a WLAN and may be connected via a distribution system 113.
  • AP 110 and AP 112 are connected, directly or indirectly, to an external network 114 (for example, the Internet).
  • a mobile station 116 within communication range of AP 110 or AP 112 or both may identify AP 110 or AP 112 or both during a discovery scan for available WLANs.
  • mobile station 116 is within communication range of another AP 118, and AP 118 is also identified in the results of the discovery scan.
  • the WLAN supported by AP 110 and AP 112 is different from the WLAN supported by AP 118.
  • AP 110 and AP 112 are alike in at least the following respects and may differ from AP 118 in one or more of the following respects: a vendor identifiable from a MAC address of the access point, a network name also known as an SSID, a security type, credentials for the security type.
  • AP 110 may optionally comprise a DHCP server to provide associated mobile stations with a dynamic IP address.
  • AP 112 may optionally comprise a DHCP server to provide associated mobile stations with a dynamic IP address.
  • the example multiple-AP WLAN deployment illustrated in Fig. 1-2 is not able to support seamless roaming, and is therefore an example of a SOHO-type WLAN deployment.
  • AP 110 and AP 112 may provide a multiple-AP WLAN deployment in a small office with the SSID " @ Work” and the security type "PSK”, whereas AP 118 may provide a single-AP WLAN deployment in a neighboring office with the SSID “D-Link” and the security type "Open System”.
  • AP 110 and AP 112 may provide a multiple-AP WLAN deployment in a small office with the SSID "D-Link” and the security type “WEP” and the password "123456”
  • AP 118 may provide a single-AP deployment in a neighboring office with the SSID "D-Link” and the security type "WEP” and the password "office”.
  • Fig. 1-3 is an illustration of another example multiple-AP WLAN deployment. Coverage areas of APs are illustrated in Fig. 1-3 by dashed circles.
  • AP 120, AP 122, AP 124, AP 126, and AP 128 jointly support a WLAN and have at least the following parameters in common: a network name also known as an SSID, a security type, credentials for the security type.
  • APs 120, 122, 124, 126 and 128 may be connected via a distribution system 129.
  • a central controller 130 coupled to APs 120, 122, 124, 126 and 128 enables configuration of the access points with the common parameters.
  • One or more centralized or distributed DHCP servers 132 are coupled to APs 120, 122, 124, 126 and 128.
  • An authentication server 134 is coupled to APs 120, 122, 124, 126 and 128.
  • a mobile station 136 within communication range of one or more of APs 120, 122, 124, 126 and 128 may identify one or more of APs 120, 122, 124, 126 and 128 during a discovery scan for available WLANs.
  • the connectivity process if a mobile station does not have a static IP address, then once the mobile station is associated with the target AP, the mobile station performs a dynamic IP address acquisition process with the target AP, which passes the request on to one of the DHCP servers 132.
  • the dynamic IP address acquisition process may involve encrypted data packets.
  • APs 120, 122, 124, 126 and 128 may be connected, directly or indirectly, to another internal network or to an external network (for example, the Internet).
  • the example single-AP WLAN deployment illustrated in Fig. 1-1 is able to support seamless roaming, and is therefore an example of a corporate/enterprise-type WLAN deployment.
  • Fig. 2 is a flowchart illustrating an example method to be performed by a mobile station, for example, any one of mobile stations 106, 116 and 136, for joining a BSS.
  • Having a mobile station join an existing BSS is a multi-stage process, involving scanning, selection of a target AP, authentication, association, and IP address acquisition.
  • the mobile station performs a discovery scan, using passive scanning or active scanning or any combination thereof, to identify APs within communication range of the mobile station.
  • a discovery scan may be a user-requested scan. Additionally, a discovery scan may be triggered automatically, for example, if the mobile station is displaying a list of available wireless local area networks.
  • the mobile station transmits at least one probe request specifying a particular network name and may receive a probe response from an AP configured with the particular network name.
  • the mobile station extracts details about the AP and the WLAN from the received probe response(s) and adds the details for each received probe response as a record to the scan results of active scanning.
  • the mobile station receives management frames from APs, which may include any or any combination of beacon frames, probe responses destined for other mobile stations, and association responses or reassociation responses destined for other mobile stations.
  • the mobile station extracts details about the AP and the WLAN from the received management frame(s) and adds the details for each received management frame as a record to the scan results of passive scanning.
  • a record in the results of the discovery scan may include at least the following extracted details about the AP and the WLAN: a unique identifier of the AP, for example, its MAC address; the network name of the WLAN; an identification of the frequency band on channels of which communication in the WLAN is conducted; an identification of the channel on which the beacon frame or probe response was received; an indication of the security type implemented in the WLAN; and if applicable to the security type, an indication of the encryption type implemented in the WLAN.
  • the record may also include an indication of the strength of the received signal.
  • Open Authentication security types include, for example, "Open System”, Wi-Fi Protected Access (WPA)/WPA2-Personal, which involves Temporal Key Integrity Protocol (TKIP) or Advanced Encryption Standard (AES) encryption, WPA-Enterprise, which involves Counter-Mode/CBC-Mac Protocol (CCMP) encryption, and all flavors of the Extensible Authentication Protocol (EAP) security type.
  • WPA Wi-Fi Protected Access
  • WPA2-Personal which involves Temporal Key Integrity Protocol (TKIP) or Advanced Encryption Standard (AES) encryption
  • WPA-Enterprise which involves Counter-Mode/CBC-Mac Protocol (CCMP) encryption
  • EAP Extensible Authentication Protocol
  • An "Open System” security type means no encryption and no authentication.
  • the EAP security type has several flavors, for example, Lightweight EAP (LEAP), Protected EAP (PEAP), EAP Transport Layer Security (EAP-TLS), EAP Tunneled Transport Layer Security (EAP-TTLS), EAP-Flexible Authentication via Secured Tunneling (EAP-FAST), EAP for GSM Subscriber Identity Modules (EAP-SIM), and EAP-Authentication and Key Agreement (EAP-AKA).
  • LEAP Lightweight EAP
  • PEAP Protected EAP
  • EAP-TLS EAP Transport Layer Security
  • EAP-TTLS EAP Tunneled Transport Layer Security
  • EAP-FAST EAP-Flexible Authentication via Secured Tunneling
  • EAP-SIM EAP for GSM Subscriber Identity Modules
  • EAP-AKA EAP-Authentication and Key Agreement
  • the mobile station selects from the scan results a target AP with which to attempt a connection.
  • the target AP may be automatically selected by the mobile station without user intervention.
  • selection of the target AP may be indicated to the mobile station through activation by the user of the mobile station of a user input component of the mobile station. For example, a list of available WLANs may be presented via a user output component of the mobile station and the target AP may be selected from that list.
  • a mobile station may store in its memory one or more connection profiles, which are editable via a user interface component of the mobile station.
  • Each connection profile includes a network name of the WLAN.
  • the network name uniquely identifies the connection profile in the mobile station, so that no two connection profiles stored in the same mobile station include the same network name.
  • a connection profile is optionally labeled with a profile label.
  • a connection profile may include indications of other network details, for example, one or more of the following: a security type, a security subtype, an authentication method, and an encryption type.
  • a connection profile may also include credentials for use with the implemented security type or with the authentication method or with both.
  • a non-exhaustive list of examples of credentials includes a passphrase, a username, a password, an IMSI (International Mobile Subscriber Identity), a certificate, and a certificate having an expiry date.
  • a connection profile may also include other information, for example, Internet Protocol (IP) network parameters. Connection profiles are ordered in the mobile station by their priority relative to one another. The priority of a connection profile may affect the order in which it is compared to scan results.
  • IP Internet Protocol
  • Selecting a target AP may involve comparing the scan results to one or more of the connection profiles stored in the mobile station.
  • a target AP whose management frame is in the scan results is considered a match to a particular connection profile if the following network details of the particular connection profile and the network details of the management frame are identical: network name, security type, and encryption type.
  • the mobile station proceeds to initiate at 206 a Shared Key Authentication process with the target AP.
  • the mobile station sends an authentication request to the target AP.
  • the target AP responds to the authentication request by sending a challenge to the mobile station.
  • the mobile station then encrypts the challenge with its copy of a Wired Equivalent Privacy (WEP) key and sends the encrypted challenge to the target AP.
  • WEP Wired Equivalent Privacy
  • the decrypted challenge will match the challenge originally sent from the target AP to the mobile station, and the target AP sends an authentication response indicative of successful authentication to the mobile station.
  • the mobile station's copy of the WEP key may be stored in a connection profile that matches the target AP, or may have been provided to the mobile station through activation by the user of the mobile station of a user input component of the mobile station.
  • the mobile station proceeds to initiate at 210 an association process with the target AP.
  • the association process typically involves the mobile station sending an association request that is addressed to a unique identifier of the target AP, and the target AP replying with an association response. If the association process is successful, as checked at 212, the association response includes an association identifier (AID) granted to the mobile station by the target AP.
  • AID association identifier
  • the mobile station if the mobile station has a static IP address, as checked at 214, then the connection of the mobile station and the target AP is complete, as indicated at 216. If the mobile station does not have a static IP address, as checked at 214, then the mobile station initiates at 218 with the target AP a process of dynamic IP address acquisition. Data packets exchanged during the dynamic IP address acquisition process may be encrypted using the shared WEP key.
  • the target AP may comprise a DHCP server or may be coupled to one or more centralized or distributed DHCP servers. If the dynamic IP address acquisition process is successful, as checked at 220, then the connection of the mobile station and the target AP is complete, as indicated at 216.
  • Completion of the connection means that the mobile station is considered to have joined the BSS. While the mobile station is a member of the BSS, data packets exchanged between the mobile station and the target AP will be encrypted using the shared WEP key. While the mobile station is connected to the target AP, the mobile station may at 222 perform roaming scans from time to time, if the mobile station is configured to enable roaming scans. Roaming scans are described in further detail with respect to Figures 5-1 and 5-2 .
  • the mobile station proceeds to initiate at 226 a nominal authentication process with the target AP.
  • the mobile station sends an authentication request to the target AP, and the target AP responds to the authentication request by sending to the mobile station an authentication response indicative of success.
  • the mobile station proceeds to initiate at 228 an association process with the target AP.
  • the association process typically involves the mobile station sending an association request that is addressed to a unique identifier of the target AP, and the target AP replying with an association response. If the association process is successful, as checked at 230, the association response includes an AID granted to the mobile station by the target AP.
  • the mobile station proceeds to initiate at 232 a subsequent authentication process.
  • the subsequent authentication process is merely the mobile station sending an authentication request to the target AP and the target AP responding to the authentication request by sending to the mobile station an authentication response indicative of success.
  • the security type is WPA/WPA2-Personal
  • the subsequent authentication process involves an authenticator, for example, an AAA server, and uses a four-way handshake between the mobile station and the authenticator.
  • the security type is WPA/WPA2-Enterprise
  • the subsequent authentication process involves an EAP authentication process with an EAP authentication server to secure the association between the mobile station and the target AP, followed by a four-way handshake.
  • the subsequent authentication process involves an EAP authentication process with an EAP authentication server to secure the association between the mobile station and the target AP.
  • EAP authentication server A AAA server and a Remote Dial In User Service (RADIUS) server are both examples of an EAP authentication server.
  • Parameters used in the subsequent authentication process may have been retrieved by the mobile station from a connection profile stored in the mobile station that matches the target AP, or may have been provided or indicated to the mobile station through activation by the user of the mobile station of a user input component of the mobile station.
  • the mobile station Following successful completion of the subsequent authentication process, as checked at 234, if the mobile station has a static IP address, as checked at 214, then the connection of the mobile station and the target AP is complete, as indicated at 216. If the mobile station does not have a static IP address, as checked at 214, then the mobile station initiates at 218 with the target AP a process of dynamic IP address acquisition. If the security type involves encryption, data packets exchanged during the dynamic IP address acquisition process may be encrypted.
  • the target AP may comprise a DHCP server or may be coupled to one or more centralized or distributed DHCP servers. If the dynamic IP address acquisition process is successful, as checked at 220, then the connection of the mobile station and the target AP is complete, as indicated at 216.
  • Completion of the connection means that the mobile station is considered to have joined the BSS. While the mobile station is a member of the BSS, data packets exchanged between the mobile station and the target AP will be encrypted if the security type involves encryption. While the mobile station is connected to the target AP, the mobile station may at 222 perform roaming scans from time to time, if the mobile station is configured to enable roaming scans. Roaming scans are described in further detail with respect to Figures 5-1 and 5-2 .
  • the mobile station and the target AP can fail to establish a connection, including, for example, authentication failure due to a mismatch in credentials, authentication failure due to an authentication timeout (failure of an authentication process to successfully complete before expiry of an authentication timer started by the mobile station when initiating the authentication process), failures due to the target AP being unresponsive, failure to acquire a dynamic IP address, and the target AP having refused to authenticate or associate with the specific mobile station (identified by its MAC address in an authentication request or in an association request).
  • the mobile station may optionally take some action at 238 if the mobile station and the target AP have failed to establish a connection, or if the mobile station has received a decryption error message from the target AP.
  • the action to be taken may depend upon the type of WLAN deployment to which the target AP belongs, and may further depend upon the reason that the mobile station and the target AP have failed to establish a connection or whether a decryption error message was received.
  • Authentication is a power-intensive process. Failure of a mobile station to successfully conclude an authentication process with a target AP or authentication server can significantly drain the battery that powers the mobile station, especially if the same AP or another AP matching the same connection profile as the target AP is repeatedly selected as a target for connection.
  • a connection profile that stores parameters used by the mobile station in a failed authentication process or a failed dynamic IP address acquisition process is banned.
  • the banning of a connection profile affects how subsequent scans-other than discovery scans-and connection attempts are handled.
  • the connection profile could have its priority reduced, relative to other connection profiles stored in the mobile station.
  • a unique identifier of the target AP with which the mobile station has failed to connect or from which the mobile station has received a decryption error message is banned or suppressed.
  • the banning or suppression of a target AP affects how subsequent scans and connection attempts are handled.
  • Fig. 3 is a flowchart illustrating an example method to be performed by a mobile station, for example, any one of mobile stations 106, 116 and 136, for determining a type of WLAN deployment and configuring the mobile station according to the type of WLAN deployment.
  • the mobile station determines whether the target AP belongs to a corporate/enterprise-type WLAN deployment or to a SOHO-type WLAN deployment.
  • Various techniques may be employed, alone or in any combination, during the discovery and connectivity process, in order to determine the type of WLAN deployment. Examples of such techniques are described in more detail with respect to Figs. 4-1 through 4-9 . Some techniques may provide a determination of type of WLAN deployment with more confidence than other techniques. The mobile station may assign different confidence levels to the results of the determinations in order to make an ultimate determination as to the type of WLAN deployment.
  • the mobile station configures itself at 306 in a first configuration.
  • the mobile station configures itself at 316 in a second configuration that is different from the first configuration in at least one respect.
  • the mobile station may configure itself to enable roaming scans, and where the mobile station determines that the target AP belongs to a SOHO-type WLAN deployment, the mobile station may configure itself to disable roaming scans.
  • the mobile station may configure itself to react to failure to establish a connection with the target AP by banning a connection profile identified as matching the target AP, and where the mobile station determines that the target AP belongs to a SOHO-type WLAN deployment, the mobile station may configure itself to react to failure to establish a connection with the target AP by banning the target AP.
  • the mobile station may reduce the priority of the connection profile.
  • the mobile station may configure itself to react to failure to establish a connection with the target AP by banning a connection profile identified as matching the target AP, and where the mobile station determines that the target AP belongs to a SOHO-type WLAN deployment, the mobile station may configure itself to react to failure to establish a connection with the target AP by suppressing the target AP.
  • the mobile station may reduce the priority of the connection profile.
  • the mobile station may configure itself to react to failure to establish a connection with the target AP by banning a connection profile identified as matching the target AP, and where the mobile station determines that the target AP belongs to a SOHO-type WLAN deployment, the mobile station may configure itself to react to failure to establish a connection with the target AP due to invalid credentials by suppressing the target AP and due to any other cause by banning the target AP.
  • the mobile station may reduce the priority of the connection profile.
  • Fig. 4-1 is a flowchart illustrating an example method to be performed by a mobile station, for example, any one of mobile stations 106, 116 and 136, for determining a type of WLAN deployment of a target AP.
  • the example method may be performed by the mobile station as soon as a target AP has been selected from results of a discovery scan.
  • Each management frame in the scan results includes a unique identifier of the access point that sent the management frame.
  • the MAC address of the access point that sent the management frame may be included in a field of the management frame and may uniquely identify the access point that sent the management frame.
  • the mobile station may check whether all of the one or more management frames in the scan results were received from the target AP. If so, then the discovery scan has failed to identify any access points other than the target AP, and the mobile station may determine, with some confidence, that the target AP belongs to a SOHO-type WLAN deployment.
  • the mobile station may compare a management frame in the scan results that was received from the target AP with a management frame in the scan results that was received from another access point.
  • the target AP is considered to match the other access point if one or more characteristics of the target AP discernible from the target AP's management frame have values identical to the values of the same one or more characteristics of the other AP discernible from the other AP's management frame.
  • the one or more characteristics may include, for example, SSID, security type, encryption type, and presence or absence of a call admission control information element in the management frame.
  • the mobile station may determine at 410 that the target AP belongs to a SOHO-type WLAN deployment. The greater the number of characteristics that are checked, the greater the confidence in the determination at 410 that the target AP belongs to a SOHO-type WLAN deployment.
  • the mobile station may determine at 412 that the target AP belongs to a corporate/enterprise-type WLAN deployment.
  • the greater the number of characteristics that are checked the greater the confidence in the determination at 412 that the target AP belongs to a corporate/enterprise-type WLAN deployment.
  • the greater the number of other access points that match the target AP the greater the confidence in the determination at 412 that the target AP belongs to a corporate/enterprise-type WLAN deployment.
  • Fig. 4-2 is a flowchart illustrating another example method to be performed by a mobile station, for example, any one of mobile stations 106, 116 and 136, for determining a type of WLAN deployment of a target AP.
  • the example method may be performed by the mobile station as soon as a target AP has been selected from results of a discovery scan.
  • the mobile station checks the security type of the target AP, which is discernible from a management frame in the scan results received from the target AP. If the security type is "Open System", that is, no authentication and no encryption is implemented in the WLAN, then the mobile station determines at 416 that the target AP belongs to a SOHO-type WLAN deployment.
  • the assumption inherent in this example method is that corporate/enterprise-type WLAN deployments implement security and therefore have a security type other than "Open System”. Thus confidence in the determination at 416 that the target AP belongs to a SOHO-type WLAN deployment may be high. If the security type of the target AP is not "Open System", the mobile station cannot determine the type of WLAN deployment solely from the security type of the target AP.
  • Fig. 4-3 is a flowchart illustrating an example method to be performed by a mobile station, for example, any one of mobile stations 106, 116 and 136, for determining a type of WLAN deployment of a target AP.
  • the example method may be performed by the mobile station as soon as a target AP has been selected from results of a discovery scan.
  • the mobile station looks up the organization identified by the organizationally unique identifier (OUI) portion of the MAC address of the target AP.
  • OUI organizationally unique identifier
  • the mobile station may determine at 422 that the target AP belongs to a corporate/enterprise-type WLAN deployment. For example, Hewlett Packard is currently known to manufacture or sell access points for corporate/enterprise WLAN deployments only.
  • the mobile station may determine at 426 that the target AP belongs to a SOHO-type WLAN deployment. For example, Belkin Corporation and D-Link Corporation are currently known to manufacture or sell access points for SOHO WLAN deployments only.
  • the mobile station cannot determine the type of WLAN deployment solely from the OUI portion of the MAC address of the target AP.
  • the check at 424 whether the identified organization is known to manufacture or sell access points for SOHO WLAN deployments only may precede the check at 420 whether the identified organization is known to manufacture or sell access points for corporate/enterprise WLAN deployments only.
  • Fig. 4-4 is a flowchart illustrating an example method to be performed by a mobile station, for example, any one of mobile stations 106, 116 and 136, for determining a type of WLAN deployment of a target AP.
  • the example method may be performed by the mobile station as soon as a target AP has been selected from results of a discovery scan.
  • the mobile station checks whether the target AP is enabled for Cisco Compatible Extensions (CCX).
  • the mobile station may determine this, for example, by checking whether a management frame from the target AP in the scan results includes a vendor-specific information element (IE) that indicates a CCX version.
  • IE vendor-specific information element
  • the mobile station may determine at 430 with high confidence that the target AP belongs to a corporate/enterprise-type WLAN deployment. If the target AP is not CCX-enabled, the mobile station cannot determine the type of WLAN deployment solely from this fact.
  • Fig. 4-5 is a flowchart illustrating an example method to be performed by a mobile station, for example, any one of mobile stations 106, 116 and 136, for determining a type of WLAN deployment of a target AP.
  • the example method may be performed by the mobile station as soon as a target AP has been selected from results of a discovery scan.
  • the mobile station checks whether a beacon frame, probe response, association response or reassociation response in the scan results received from the target AP includes in its Radio Resource Measurement (RRM) Enabled Capabilities information element a bit indicating support for Neighbor Reports.
  • RRM Radio Resource Measurement
  • a Neighbor Report response frame sent in response to a Neighbor Report request includes a list of candidate APs for roaming. If the beacon frame or probe response or association response or reassociation response includes a bit indicating support for Neighbor Reports, then the mobile station may determine at 434 with some confidence that the target AP belongs to a corporate/enterprise-type WLAN deployment. If the beacon frame or probe response or association response or reassociation response does not include a bit indicating support for Neighbor Reports, the mobile station cannot determine the type of WLAN deployment solely from this fact.
  • RRM Radio Resource Measurement
  • Fig. 4-6 is a flowchart illustrating an example method to be performed by a mobile station, for example, any one of mobile stations 106, 116 and 136, for determining a type of WLAN deployment of a target AP.
  • the example method may be performed by the mobile station as soon as a target AP has been selected from results of a discovery scan.
  • the mobile station checks whether a beacon frame or probe response in the scan results received from the target AP includes in the Robust Security Network (RSN) Capabilities field of its RSN information element a bit indicating support for WPA pre-authentication. If the beacon frame or probe response includes a bit indicating support for WPA pre-authentication, then the mobile station may determine at 438 with complete confidence that the target AP belongs to a corporate/enterprise-type WLAN deployment. If the beacon frame or probe response does not include a bit indicating support for WPA pre-authentication, the mobile station cannot determine the type of WLAN deployment solely from this fact.
  • RSN Robust Security Network
  • Fig. 4-7 is a flowchart illustrating an example method to be performed by a mobile station, for example, any one of mobile stations 106, 116 and 136, for determining a type of WLAN deployment of a target AP.
  • the example method may be performed by the mobile station as soon as a target AP has been selected from results of a discovery scan and a matching connection profile stored in the mobile station has been identified.
  • a connection profile stored in the mobile station includes a network name of a WLAN.
  • the network name uniquely identifies the connection profile in the mobile station, so that no two connection profiles stored in the same mobile station include the same network name.
  • a connection profile is optionally labeled with a profile label.
  • a connection profile may include indications of other network details, for example, one or more of the following: a security type, a security subtype, an authentication method, and an encryption type.
  • a connection profile may also include credentials for use with the implemented security type or with the authentication method or with both.
  • a connection profile may also include other information, for example, Internet Protocol (IP) network parameters.
  • IP Internet Protocol
  • connection profile may optionally include an indication of the type of deployment of the WLAN.
  • the connection profile may include a parameter which if set to a first value indicates that the WLAN identified by the network name included in the connection profile is a SOHO-type WLAN deployment and which if set to a second value that differs from the first value indicates that the WLAN identified by the network name included in the connection profile is a corporate/enterprise-type WLAN deployment.
  • Selecting a target AP may involve comparing the scan results to one or more of the connection profiles stored in the mobile station.
  • a target AP whose management frame is in the scan results is considered a match to a particular connection profile if the following network details of the particular connection profile and the network details of the management frame are identical: network name, security type, and encryption type.
  • the mobile station may determine at 442 with high confidence that the target AP belongs to a WLAN deployment of the type that corresponds to the indication stored in the connection profile that matches the target AP. For example, if the indication has the first value, the mobile station may determine that the target AP belongs to a SOHO-type WLAN deployment, and if the indication has the second value, the mobile station may determine that the target AP belongs to a corporate/enterprise-type WLAN deployment.
  • Fig. 4-8 is a flowchart illustrating an example method to be performed by a mobile station, for example, any one of mobile stations 106, 116 and 136, for determining a type of WLAN deployment of a target AP.
  • the example method is applicable only for mobile stations that do not have a static IP address.
  • the example method may be performed by the mobile station as soon as an offer message including an offered IP address is received from a DHCP server as part of a dynamic IP address acquisition process.
  • the mobile station may determine at 454 with complete confidence that the target AP belongs to a SOHO-type WLAN deployment.
  • the mobile station may determine at 456 with complete confidence that the target AP belongs to a corporate/enterprise-type WLAN deployment.
  • Fig. 4-9 is a flowchart illustrating an example method to be performed by a mobile station, for example, any one of mobile stations 106, 116 and 136, for determining a type of WLAN deployment of a target AP.
  • the example method is applicable only for mobile stations that do not have a static IP address.
  • the example method may be performed by the mobile station as soon as an offer message including an offered IP address is received from a DHCP server as part of a dynamic IP address acquisition process.
  • the mobile station may determine at 464 with high confidence that the target AP belongs to a SOHO-type WLAN deployment. Access points for SOHO-type WLAN deployments that have internal DHCP servers are often configured by default to offer IP addresses of the form 192.168.X.X.
  • the mobile station may determine at 466 with some confidence that the target AP belongs to a corporate/enterprise-type WLAN deployment.
  • Roaming scans also known as neighbor scans, are scans that occur from time to time in the background without user intervention, when the mobile station is connected to an access point.
  • the scan is a search for access points that have the same SSID as the AP to which the mobile station is currently connected. Precisely how and under what conditions a mobile station determines to perform a roaming scan is beyond the scope of this document. Precisely how the mobile station handles results of the roaming scan is beyond the scope of this document.
  • a SOHO-type WLAN deployment is a single-AP WLAN deployment, then performing roaming scans is a waste of the mobile station's resources because either there are no nearby APs with the same SSID as the AP to which the mobile station is connected, or any such nearby APs with the same SSID as the AP to which the mobile station is connected belong to a different WLAN and therefore roaming to such nearby APs is not desirable.
  • a SOHO-type WLAN deployment has multiple APs, then performing roaming scans may be undesirable, because roaming will not be seamless, due to the absence of a centralized DHCP server for the multiple APs.
  • Fig. 5 is a flowchart illustrating an example method to be performed by a mobile station, for example, any one of mobile stations 106, 116 and 136, for configuring the mobile station.
  • the mobile station may configure itself at 506 to enable roaming scans.
  • the first configuration may include that roaming scans are enabled.
  • the mobile station may configure itself at 516 to disable roaming scans.
  • the second configuration may include that roaming scans are disabled.
  • the mobile station can forego configuring itself at 506 to enable roaming scans.
  • the mobile station can forego configuring itself at 516 to disable roaming scans.
  • a mobile station excludes a banned connection profile from active scanning other than active scanning performed as part of a discovery scan.
  • the mobile station filters results of passive scanning-other than passive scanning performed as part of a discovery scan -to remove from the results records including the network name of a banned connection profile.
  • APs configured with the network name of a banned connection profile will therefore not be eligible for selection as a target AP by the mobile station, thus preventing repeated failed attempts to connect to the target AP.
  • mismatch in credentials is due to misconfiguration of a particular AP and the WLAN is also supported by one or more other APs in which the credentials are not misconfigured. While the connection profile for the network name of the WLAN is banned, the mobile station will not be able to select any of the properly-configured APs as a target AP.
  • a connection profile is banned only temporarily, and the mobile station will "un-ban" a connection profile when a condition is met.
  • the condition may be one of a set of conditions, and whichever condition is met first will cause the mobile station to un-ban the connection profile.
  • the condition may be the expiry of a timer, known as a "timeout".
  • timeout When configuring the duration of the timeout, one balances two competing considerations: increased mobile station power savings (for longer durations), and faster ability to reconnect to a WLAN (for shorter durations).
  • the duration of the timeout may be, for example, in the range of 1 minute to 15 minutes, or in the range of 2 minutes to 10 minutes, or approximately 5 minutes, or any other duration.
  • the condition may be the editing of the banned connection profile.
  • detection by the mobile station of user input indicative of an explicit request to connect to a banned connection profile may cause the mobile station to un-ban the banned connection profile.
  • the mobile station may un-ban a banned connection profile if the mobile station determines that it is no longer in the coverage area of an AP supporting a WLAN with the network name of the banned connection profile.
  • turning the WLAN radio off or switching the WLAN mode of the mobile station to mobile hotspot (MHS) mode or some other non-client mode that is supported by the WLAN functionality of the mobile station may cause the mobile station to un-ban all banned connection profiles.
  • detection by the mobile station of user input that is indicative of selection of a banned connection profile from results of a discovery scan may cause the mobile station to un-ban the selected banned connection profile.
  • the mobile station may optionally generate a notification that a connection profile has been banned, with the notification to be displayed or provided via any suitable user output component of the mobile station to a user of the mobile station.
  • Examples for such notifications, in which Label refers to the label assigned to the connection profile, either by the user or automatically by the mobile station, include: "Profile Label has temporarily been blocked from associations due to an inability to obtain an IP address"; “Profile Label has temporarily been blocked from associations due to invalid credentials”; and “Profile Label has temporarily been blocked from associations due to authentication timeouts”.
  • any banned connection profile When displayed as part of a list of connection profiles stored in the mobile station, any banned connection profile may optionally have its banned status indicated by a visual indication. Banned connection profiles may be displayed in a separate list from un-banned connection profiles.
  • the mobile station may ignore any received communications from a banned access point.
  • the mobile station refrains from transmitting any communications addressed to the unique identifier of a banned access point.
  • outgoing communications are screened to block transmission of any communications addressed to the unique identifier of any banned access point.
  • outgoing communications are screened to block addressing of any communications to the unique identifier of any banned access point.
  • the mobile station filters probe responses received during active scanning to remove from the scan results records for any probe responses received from any banned access point, and the mobile station filters beacon frames received during passive scanning to remove from the scan results records for any probe responses received from any banned access point. Banned APs will therefore not be eligible for selection as a target AP by the mobile station, thus preventing repeated failedattempts to connect to the target AP. Conditions for "un-banning" an access point are also described in this document.
  • a banned AP will not be selected as a target AP.
  • This restriction may be implemented by filtering banned APs from the scan results prior to selection of a target AP. Alternatively, or additionally, this restriction may be implemented in the process of selecting a target AP.
  • the mobile station Because the mobile station refrains from sending communications addressed to the unique identifier of a banned AP, the mobile station will not initiate an association process or an authentication process with a banned AP.
  • the mismatch in credentials is due to misconfiguration of a particular AP, and the WLAN is also supported by one or more other APs in which the credentials are not misconfigured. While the particular AP is banned, the mobile station will still be able to select a properly-configured AP as a target AP if the mobile station detects the properly-configured AP during scanning.
  • This situation may occur in a SOHO-type WLAN deployment, where although multiple APs are configured with the same network name, the same security type and the same credentials, each AP is configured independently of the others. In a corporate/enterprise-type WLAN deployment, configuration of the APs is controlled centrally, and it is unlikely that a single AP in the WLAN deployment is misconfigured.
  • the mobile station may react to failure of the authentication process where the target AP belongs to a SOHO-type WLAN deployment by banning the target AP, and may react to failure of the authentication process where the target AP belongs to a corporate/enterprise-type WLAN deployment by banning or reducing the priority of the matching connection profile.
  • Fig. 6 is a flowchart illustrating an example method to be performed by a mobile station, for example, any one of mobile stations 106, 116 and 136, for configuring the mobile station.
  • the mobile station may configure itself at 606 to react to failure to connect to the target AP or to receipt of a decryption error message from the target AP by banning the connection profile that matches the target AP.
  • the first configuration may include reacting to failure to connect to the target AP or to receipt of a decryption error message from the target AP by banning the connection profile that matches the target AP.
  • the mobile station may reduce the priority of the connection profile that matches the target AP.
  • the mobile station may configure itself at 616 to react to failure to connect to the target AP or to receipt of a decryption error message from the target AP by banning the target AP.
  • the second configuration may include reacting to authentication failure by banning the target AP.
  • a problem with an authentication server may lead to an authentication timeout. If a subsequent attempt by the mobile station to authenticate with the target AP involves the redirection of the authentication request to a different authentication server, the subsequent attempt may succeed. Therefore, in a modified version (not shown) of the method illustrated in Fig. 6 , the mobile station configures itself at 616 to react to failure to connect to the target AP by banning the target AP only if the cause for failure is invalid credentials.
  • the mobile station will address communications to the unique identifier of a suppressed access point less often than to the unique identifier of an access point that is neither suppressed nor banned.
  • the mobile station occasionally filters probe responses received during active scanning to remove from the scan results records for any probe responses received from any suppressed access point, and the mobile station occasionally filters beacon frames or other management frames received during passive scanning to remove from the scan results records for any beacon frames or other management frames received from any suppressed access point. Suppressed APs will therefore be eligible for selection as a target AP by the mobile station less often, thus reducing the frequency of failed authentication processes. Conditions for "un-suppressing" an access point are described in this document. Conditions for converting the status of an access point from suppressed to banned are described in this document.
  • a suppressed AP will be eligible for selection as a target AP only occasionally.
  • This restriction may be implemented by occasionally filtering suppressed APs from the scan results prior to selection of a target AP. Alternatively, or additionally, this restriction may be implemented in the process of selecting a target AP.
  • the mobile station may react to failure of the authentication process where the target AP belongs to a SOHO-type WLAN deployment by suppressing the target AP, and may react to failure of the authentication process where the target AP belongs to a corporate/enterprise-type WLAN deployment by banning the connection profile that matches the target AP.
  • Fig. 7 is a flowchart illustrating an example method to be performed by a mobile station, for example, any one of mobile stations 106, 116 and 136, for configuring the mobile station.
  • the mobile station may configure itself at 706 to react to failure to connect to the target AP or to receipt of a decryption error message from the target AP by banning the connection profile that matches the target AP.
  • the first configuration may include reacting to failure to connect to the target AP or to receipt of a decryption error message from the target AP by banning the connection profile that matches the target AP.
  • the mobile station may reduce the priority of the connection profile that matches the target AP.
  • the mobile station may configure itself at 716 to react to failure to connect to the target AP or to receipt of a decryption error message from the target AP by suppressing the target AP.
  • the second configuration may include reacting to failure to connect to the target AP or to receipt of a decryption error message from the target AP by suppressing the target AP.
  • a problem with an authentication server may lead to an authentication timeout. If a subsequent attempt by the mobile station to authenticate with the target AP involves the redirection of the authentication request to a different authentication server, the subsequent attempt may succeed. Therefore, in a modified version (not shown) of the method illustrated in Fig. 7 , the mobile station configures itself at 716 to react to failure to connect to the target AP by suppressing the target AP only if the cause for failure is invalid credentials.
  • the mobile station may react to the failure of the authentication process where the target AP belongs to a SOHO-type WLAN deployment by banning the target AP if the cause of the failure is 'invalid credentials' and by suppressing the target AP if the cause of failure is something other than 'invalid credentials', and may react to failure of the authentication process where the target AP belongs to a corporate/enterprise-type WLAN deployment by banning the connection profile that matches the target AP.
  • Fig. 8 is a flowchart illustrating an example method to be performed by a mobile station, for example, any one of mobile stations 106, 116 and 136, for configuring the mobile station.
  • the mobile station may configure itself at 806 to react to failure to connect to the target AP or to receipt of a decryption error message from the target AP by banning the connection profile that matches the target AP.
  • the first configuration may include reacting to failure to connect to the target AP or to receipt of a decryption error message from the target AP by banning the connection profile that matches the target AP.
  • the mobile station may reduce the priority of the connection profile that matches the target AP.
  • the mobile station may configure itself at 816 to react to failure to connect to the target AP or to receipt of a decryption error message from the target AP by (i) banning the target AP if the cause of failure is invalid credentials and (ii) suppressing the target AP if the cause of failure is something other than invalid credentials or if a decryption error message was received.
  • the second configuration may include reacting to failure to connect to the target AP or to receipt of a decryption error message from the target AP by (i) banning the target AP if the cause of failure is invalid credentials and (ii) suppressing the target AP if the cause of failure is something other than invalid credentials or if a decryption error message was received.
  • Fig. 9 is a flowchart illustrating an example method to be performed by a mobile station, for example, any one of mobile stations 106, 116 and 136, for banning a connection profile.
  • the example method may be the action taken by the mobile station at 238 in the example method illustrated in Fig. 2 in reaction to failure to connect with a target AP or in reaction to receipt of a decryption error message from the target AP.
  • the example method is applicable in the situation where the mobile station has been configured to react to receipt of a decryption error message from a target AP or to failure -due to any cause, or only due to invalid credentials, or only due to a cause other than invalid credentials-of an attempt to connect with a target AP by banning the connection profile matching the target AP, as checked by the mobile station at 902.
  • the mobile station starts a timer for the connection profile that matches the target AP.
  • the mobile station bans the matching connection profile.
  • a connection profile may be implemented in the mobile station any suitable manner.
  • a connection profile may include a field which is set to a first value if the connection profile is not banned and set to a second value if the connection profile is banned.
  • an indication of the connection profile such as its network name, may be added to a list when the connection profile is banned, and may be removed from the list when the connection profile is un-banned.
  • the mobile station may at 908 optionally notify a user of the mobile station that the matching connection profile has been temporarily banned. This has been described in more detail previously in this document.
  • any banned connection profile may optionally have its banned status indicated by a visual indication.
  • FIG. 10 is an illustration of an example screenshot 1000 listing connection profiles stored in performed by a mobile station, for example, any one of mobile stations 106, 116 and 136, in which a temporarily banned connection profile, labeled "Office", is identified by a visual indication 1002, which in this example is a line through the label.
  • a visual indication 1004 is used to identify the temporarily banned connection profile, where the visual indication 1004 is a timer showing how much time (in minutes and seconds) is left before the profile labeled "Office” is un-banned. In other implementations, the time may show how long the profile labeled "Office” has been banned.
  • Fig. 11 is a flowchart illustrating an example method to be performed by a mobile station, for example, any one of mobile stations 106, 116 and 136, for un-banning a banned connection profile.
  • a mobile station for example, any one of mobile stations 106, 116 and 136, for un-banning a banned connection profile.
  • the mobile station Upon detecting at 1102 that an un-ban condition has been met for a particular banned connection profile, the mobile station proceeds at 1104 to un-ban the particular banned connection profile. Examples of un-ban conditions have been described previously in this document. Different conditions or different combinations of conditions may be used in different implementations.
  • Figs. 11-1, 11-2 and 11-3 are flowcharts illustrating specific example methods to be performed by a mobile station, for example, any one of mobile stations 106, 116 and 136, for un-banning one or more connection profiles.
  • the mobile station upon detecting at 1112 that a particular banned connection profile has been edited, the mobile station proceeds at 1114 to un-ban the edited connection profile.
  • the mobile station upon detecting at 1122 that a WLAN radio of the mobile station has been turned off or upon detected at 1122 that the WLAN mode of the mobile station has been switched to mobile hotspot (MHS) mode or some other non-client mode that is supported by the WLAN functionality of the mobile station, the mobile station proceeds at 1124 to un-ban all banned connection profiles.
  • MHS mobile hotspot
  • a timer set for a particular banned connection profile (see, for example, the timer started at 902 in Fig. 9 ) has expired, the mobile station proceeds at 1134 to un-ban the connection profile for which the timer has expired.
  • the mobile station upon determining at 1152 that a discovery scan is to be conducted, the mobile station proceeds at 1154 to conduct the discovery scan in a manner that treats all connection profiles equally, regardless of their status as banned or unbanned. No connection profiles will be excluded from a discovery scan.
  • the mobile station presents the results of the discovery scan and a user may select one of the results for selection. In one implementation, only unbanned connection profiles found during the discovery scan are presented. In another implementation, all connection profiles found during the discovery scan are presented. In a further implementation, all connection profiles found during the discovery scan are presented, with banned connection profiles distinguished from the unbanned connection profiles.
  • the mobile station may prompt for approval to un-ban the selected connection profile. If user input received at the mobile station is indicative of such approval, as checked at 1160, the mobile station may proceed at 1162 to un-ban the selected connection profile and to attempt at 1164 to connect to the wireless local area network identified in the selected connection profile. If the user's selection is not a banned connection profile, the mobile station may proceed directly at 1164 to attempt to connect to the wireless local area network identified in the selection. If the user input received at the mobile station following prompting for approval to un-ban a selected connection profile is indicative of lack of such approval, the method may return to the presentation of the results at 1156.
  • Fig. 12 is a flowchart illustrating an example of a method for active scanning that takes into account whether a profile is banned, the method to be performed by a mobile station, for example, any one of mobile stations 106, 116 and 136. Variations on how active scanning is conducted by the mobile station are also contemplated, and the method illustrated in Fig. 12 is merely one example. The method illustrated in Fig. 12 does not apply to any active scanning that is performed as part of a discovery scan.
  • the mobile station selects a connection profile, for example, from among the connection profiles stored in its memory.
  • the mobile station determines at 1204 whether the selected connection profile is banned, for example, by sampling the value of the field of the profile mentioned previously in this document, or by checking whether the selected connection profile is included in the list mentioned previously in this document.
  • the mobile station proceeds to select at 1206 a channel upon which to do the active scanning.
  • the mobile station starts a timer at 1208, and the mobile station then actively scans at 1210 on the selected channel for a wireless local area network having the same network name as that of the selected connection profile. This typically involves the mobile station transmitting a probe request specifying the network name of the selected connection profile on the selected channel.
  • the mobile station then waits to see if any probe responses are received on the selected channel before the timer started at 1208 has a timeout. Only APs configured with the network name specified in the probe request and configured to operate on the selected channel will respond to the probe request with a probe response.
  • the mobile station adds at 1214 to the scan results one or more records containing details extracted from the received one or more probe responses, and then proceeds to check at 1216 whether there are any other channels to actively scan. If so, the method proceeds to 1206 where the mobile station selects another channel. If there are not any other channels to actively scan, the method proceeds to 1218 where the mobile station checks whether any other connection profiles are to be actively scanned.
  • connection profile to be actively scanned
  • the method continues to 1202 where the mobile station selects another connection profile. If there are no other connection profiles to be actively scanned, then the mobile station processes at 1220 the scan results of the active scanning.
  • processing the scan results may include automatically selecting a target AP from the scan results without user intervention.
  • processing the scan results may include displaying, via a display of the mobile station, a list of available networks gleaned from the scan results, so that a user of the mobile station can select a target AP from the displayed list.
  • the mobile station then proceeds directly to check at 1216 whether there are any other channels to actively scan.
  • the mobile station proceeds directly to check at 1218 whether any other connection profiles are to be actively scanned.
  • Fig. 13 is a flowchart illustrating an example of a method for passive scanning in the situation where at least one profile is banned, the method to be performed by a mobile station, for example, any one of mobile stations 106, 116 and 136. Variations on how passive scanning is conducted by the mobile station are also contemplated, and the method illustrated in Fig. 13 is merely one example. The method illustrated in Fig. 13 does not apply to any passive scanning that is performed as part of a discovery scan.
  • the mobile station selects a channel upon which to do the passive scanning.
  • the mobile station starts a timer at 1308, and the mobile station then passively scans at 1310 on the selected channel. This typically involves the mobile station listening for beacon frames transmitted by APs on the selected channel. The mobile station then waits to see if any beacon frames are received on the selected channel before the timer started at 1308 has a timeout. Only APs configured to operate on the selected channel will transmit beacon frames on the selected channel. APs configured to hide the network name will transmit beacon frames in which no network name is advertised. The mobile station may also receive one or more probe responses on the selected channel that are addressed to a different mobile station.
  • the mobile station adds at 1314 to the scan results one or more records containing details extracted from the received one or more beacon frames or probe responses or both, and then proceeds to check at 1316 whether there are any other channels to passively scan. If so, the method proceeds to 1306 where the mobile station selects another channel.
  • the method proceeds to 1318 where the mobile station filters the scan results to remove from the scan results any records including the network name of any banned profile.
  • the mobile station may sample the value of the field of the connection profile mentioned previously in this document, or may check whether the selected connection profile is included in the list mentioned previously in this document.
  • the filtering to remove records including the network name of any banned profile may occur at 1314, for the selected channel, thus eliminating the need to filter the scan results after all channels to be passively scanned have been passively scanned.
  • processing the filtered scan results may include automatically selecting a target AP from the filtered scan results without user intervention.
  • processing the filtered scan results may include displaying, via a display of the mobile station, a list of available networks gleaned from the filtered scan results, so that a user of the mobile station can select a target AP from the displayed list.
  • results of active scanning and the filtered results of passive scanning may be combined, and then processing as described above with respect to 1220 and 1320 may be performed by the mobile station on the combined results.
  • Fig. 14 is a flowchart illustrating another example of a method for passive scanning in the situation where at least one profile is banned, the method to be performed by a mobile station, for example, any one of mobile stations 106, 116 and 136. Variations on how passive scanning is conducted by the mobile station are also contemplated, and the method illustrated in Fig. 14 is merely one example. The method illustrated in Fig. 14 does not apply to any passive scanning that is performed as part of a discovery scan.
  • Fig. 14 The method illustrated in Fig. 14 is similar to the method illustrated in Fig. 13 , as indicated by the repeated use of reference numerals used in Fig. 13 .
  • the description of Fig. 13 with respect to those reference numerals is applicable also to the method illustrated in Fig. 14 , except as noted below.
  • the mobile station If, as checked at 1316, the mobile station determines that there are not any other channels to actively scan, the mobile station then checks the records in the scan results against the banned connection profiles, one banned connection profile at a time.
  • the mobile station selects one of the banned connection profiles.
  • the mobile station checks whether any of the records in the scan results include the network name of the selected banned connection profile. If so, then mobile station filters at 1422 the scan results to remove those records from the scan results. If not, then this is an indication that the mobile station is no longer in the coverage area of any AP configured with the network name of the selected banned connection profile, and the mobile station therefore un-bans at 1424 the selected banned connection profile.
  • the AP configured with the network name of the selected banned connection profile hides the network name and therefore the mobile station, unaware that it actually is in the coverage area of the AP, will un-ban the selected banned connection profile.
  • processing the filtered scan results may include automatically selecting a target AP from the filtered scan results without user intervention.
  • processing the filtered scan results may include displaying, via a display of the mobile station, a list of available networks gleaned from the filtered scan results, so that a user of the mobile station can select a target AP from the displayed list.
  • results of active scanning and the filtered results of passive scanning may be combined, and then processing as described above with respect to 1220 and 1428 may be performed by the mobile station on the combined results.
  • Fig. 15 is a flowchart illustrating an example of a method performed by a mobile station, for example, any one of mobile stations 106, 116 and 136, for banning a target access point.
  • the example method may be the action taken by the mobile station at 238 in the example method illustrated in Fig. 2 in reaction to failure to connect with a target AP or in reaction to receipt of a decryption error message from the target AP.
  • the example method is applicable in the situation where the mobile station has been configured to react to receipt of a decryption error message from a target AP or to failure -due to any cause, or only due to invalid credentials, or only due to a cause other than invalid credentials-of an attempt to connect with a target AP by banning the target AP, as checked by the mobile station at 1502.
  • the mobile station bans the target AP.
  • Banning an access point may be implemented in the mobile station in any suitable manner.
  • a unique identifier of the access point such as its MAC address, may be added to a ban list when the access point is banned, and may be removed from the ban list when the access point is un-banned.
  • Figs. 16-1, 16-2 and 16-3 are illustrations of example screenshots displayed at a mobile station, for example, any one of mobile stations 106, 116 and 136.
  • Fig. 16-1 illustrates a screenshot for selection of a security type to be saved in a particular connection protocol.
  • Fig. 16-2 illustrates a screenshot displayed when the mobile station is attempting to connect to a wireless local area network with the network name Rosencrantz.
  • Fig. 16-3 illustrates a screenshot displayed when the authentication has failed because credentials supplied by the mobile station to the target access point for the authentication process do not match expected credentials.
  • Fig. 17-1 is a flowchart illustrating an example method to be performed by a mobile station, for example, any one of mobile stations 106, 116 and 136, for un-banning an access point.
  • the mobile station Upon detecting at 1702 that a connection profile has been edited, the mobile station proceeds at 1704 to un-ban all banned APs advertising the same network name as that of the edited connection profile. For example, if banning APs is implemented in the mobile station using a ban list as described above, each time a unique identifier of an AP is added to the ban list, a copy of the record of extracted details, including the network name, is associated in the ban list with the unique identifier. The identification of banned APs having a particular network name is therefore straightforward.
  • Fig. 17-2 is a flowchart illustrating another example method to be performed by a mobile station, for example, any one of mobile stations 106, 116 and 136, for un-banning access points.
  • a mobile station for example, any one of mobile stations 106, 116 and 136, for un-banning access points.
  • MHS mobile hotspot
  • the mobile station Upon detecting at 1722 that the WLAN mode of the mobile station has been switched to mobile hotspot (MHS) mode or some other non-client mode that is supported by the WLAN functionality of the mobile station, the mobile station proceeds at 1724 to un-ban all banned APs.
  • MHS mobile hotspot
  • FIG. 18 is a flowchart illustrating an example of a method for active scanning that takes into account whether an access point is banned, the method to be performed by a mobile station, for example, any one of mobile stations 106, 116 and 136. Variations on how active scanning is conducted by the mobile station are also contemplated, and the method illustrated in Fig. 18 is merely one example.
  • the mobile station selects a connection profile, for example, from among the connection profiles stored in its memory.
  • the mobile station proceeds to select at 1806 a channel upon which to do the active scanning.
  • the mobile station starts a timer at 1808, and the mobile station then actively scans at 1810 on the selected channel for a wireless local area network having the same network name as that of the selected connection profile.
  • This typically involves the mobile station transmitting a probe request specifying the network name of the selected connection profile on the selected channel.
  • the mobile station then waits to see if any probe responses are received on the selected channel before the timer started at 1808 has a timeout. Only APs configured with the network name specified in the probe request and configured to operate on the selected channel will respond to the probe request with a probe response.
  • the mobile station adds at 1814 to the scan results one or more records containing details extracted from the received one or more probe responses, and then proceeds to check at 1816 whether there are any other channels to actively scan. If so, the method proceeds to 1806 where the mobile station selects another channel. If there are not any other channels to actively scan, the method proceeds to 1818 where the mobile station checks whether any other connection profiles are to be actively scanned.
  • connection profile to be actively scanned the method continues to 1802 where the mobile station selects another connection profile. If there are no other connection profiles to be actively scanned, then the mobile station filters the scan results of the active scanning at 1819 to remove from the scan results any records including the unique identifier of any banned AP. For example, if the mobile station maintains a list of MAC addresses of banned APs, the mobile station can compare at 1819 the MAC addresses in the records to the MAC addresses in the list. In a modified method for active scanning, the filtering to remove records including the unique identifier of any banned AP may occur at 1814, for the selected channel, instead of at 1819.
  • processing the filtered scan results may include automatically selecting a target AP from the filtered scan results without user intervention.
  • processing the filtered scan results may include displaying, via a display of the mobile station, a list of available networks gleaned from the filtered scan results, so that a user of the mobile station can select a target AP from the displayed list.
  • the mobile station then proceeds directly to check at 1816 whether there are any other channels to actively scan.
  • Fig. 19 is a flowchart illustrating an example of a method for passive scanning that takes into account whether an access point is banned, the method to be performed by a mobile station, for example, any one of mobile stations 106, 116 and 136. Variations on how passive scanning is conducted by the mobile station are also contemplated, and the method illustrated in Fig. 19 is merely one example.
  • the mobile station selects a channel upon which to do the passive scanning.
  • the mobile station starts a timer at 1908, and the mobile station then passively scans at 1910 on the selected channel. This typically involves the mobile station listening for beacon frames transmitted by APs on the selected channel. The mobile station then waits to see if any beacon frames are received on the selected channel before the timer started at 1908 has a timeout. Only APs configured to operate on the selected channel will transmit beacon frames on the selected channel. APs configured to hide the network name will transmit beacon frames in which no network name is advertised. The mobile station may also receive one or more probe responses on the selected channel that are address to a different mobile station.
  • the mobile station adds at 1914 to the scan results one or more records containing details extracted from the received one or more beacon frames or probe responses or both, and then proceeds to check at 1916 whether there are any other channels to passively scan. If so, the method proceeds to 1906 where the mobile station selects another channel.
  • the method proceeds to 1918 where the mobile station filters the scan results to remove from the scan results any records including the unique identifier of any banned AP. For example, if the mobile station maintains a list of MAC addresses of banned APs, the mobile station can compare at 1918 the MAC addresses in the records to the MAC addresses in the list. In a modified method for passive scanning, the filtering to remove records including the unique identifier of any banned AP may occur at 1914, for the selected channel, thus eliminating the need to filter the scan results after all channels to be passively scanned have been passively scanned.
  • processing the filtered scan results may include automatically selecting a target AP from the filtered scan results without user intervention.
  • processing the filtered scan results may include displaying, via a display of the mobile station, a list of available networks gleaned from the filtered scan results, so that a user of the mobile station can select a target AP from the displayed list.
  • the filtered results of active scanning and the filtered results of passive scanning may be combined, and then processing as described above with respect to 1820 and 1920 may be performed by the mobile station on the combined results.
  • Fig. 20 is a flowchart illustrating an example of a method performed by a mobile station, for example, any one of mobile stations 106, 116 and 136, for suppressing a target access point.
  • the example method may be the action taken by the mobile station at 238 in the example method illustrated in Fig. 2 in reaction to failure to connect with a target AP or in reaction to receipt of a decryption error message from the target AP.
  • the example method is applicable in the situation where the mobile station has been configured to react to receipt of a decryption error message from a target AP or to failure -due to any cause, or only due to invalid credentials, or only due to a cause other than invalid credentials-of an attempt to connect with a target AP by suppressing the target AP, as checked by the mobile station at 2002.
  • the mobile station suppresses the target AP.
  • Suppressing an access point may be implemented in the mobile station in any suitable manner.
  • a unique identifier of the access point such as its MAC address, may be added to a suppression list when the access point is suppressed, and may be removed from the suppression list when the access point is un-suppressed.
  • Fig. 21 is a flowchart illustrating an example method to be performed by a mobile station, for example, any one of mobile stations 106, 116 and 136, for un-suppressing an access point.
  • the mobile station Upon detecting at 2102 that an un-suppress condition has been met for a suppressed AP, the mobile station proceeds at 2104 to un-suppress the suppressed AP.
  • Figs. 21-1, 21-2 and 21-3 are flowcharts illustrating specific example methods to be performed by a mobile station, for example, mobile station 102, for un-suppressing one or more access points. In Fig.
  • the mobile station upon detecting at 2106 that an authentication process with a suppressed target AP has succeeded, the mobile station proceeds at 2108 to un-suppress the target AP.
  • the mobile station upon detecting at 2112 that a connection profile has been edited, the mobile station proceeds at 2114 to un-suppress all suppressed APs advertising the same network name as that of the edited connection profile. For example, if suppressing APs is implemented in the mobile station using a suppression list as described above, each time a unique identifier of an AP is added to the suppression list, a copy of the record of the extracted details, including the network name, is associated in the suppression list with the unique identifier. The identification of suppressed APs having a particular network name is therefore straightforward.
  • Fig. 21-3 upon detecting at 2122 that a WLAN radio of the mobile station has been turned off or upon detected at 2122 that the WLAN mode of the mobile station has been switched to mobile hotspot (MHS) mode or some other non-client mode that is supported by the WLAN functionality of the mobile station, the mobile station proceeds at 2124 to un-suppress all suppressed APs.
  • MHS mobile hotspot
  • Fig. 22 is a flowchart illustrating an example of a method for active scanning that takes into account whether an access point is suppressed, the method to be performed by a mobile station, for example, any one of mobile stations 106, 116 and 136. Variations on how active scanning is conducted by the mobile station are also contemplated, and the method illustrated in Fig. 22 is merely one example.
  • Fig. 22 The method illustrated in Fig. 22 is similar to the method illustrated in Fig. 18 , as indicated by the repeated use of reference numerals used in Fig. 18 .
  • the description of Fig. 18 with respect to those reference numerals is applicable also to the method illustrated in Fig. 22 , except as noted below.
  • the mobile station If there are no other connection profiles to be actively scanned, as checked at 1818, then the mobile station occasionally filters the scan results of the active scanning at 2219 to remove from the scan results any records including the unique identifier of any suppressed AP. For example, if the mobile station maintains a list of MAC addresses of suppressed APs, the mobile station can compare at 2219 the MAC addresses in the records to the MAC addresses in the list.
  • processing the filtered scan results may include automatically selecting a target AP from the filtered scan results without user intervention.
  • processing the filtered scan results may include displaying, via a display of the mobile station, a list of available networks gleaned from the filtered scan results, so that a user of the mobile station can select a target AP from the displayed list.
  • Fig. 23 is a flowchart illustrating an example of a method for passive scanning that takes into account whether an access point is suppressed, the method to be performed by a mobile station, for example, any one of mobile stations 106, 116 and 136. Variations on how passive scanning is conducted by the mobile station are also contemplated, and the method illustrated in Fig. 23 is merely one example.
  • Fig. 23 The method illustrated in Fig. 23 is similar to the method illustrated in Fig. 19 , as indicated by the repeated use of reference numerals used in Fig. 19 .
  • the description of Fig. 19 with respect to those reference numerals is applicable also to the method illustrated in Fig. 23 , except as noted below.
  • the mobile station If there are no other channels to be passively scanned, as checked at 1918, then the mobile station occasionally filters the scan results of the passive scanning at 2318 to remove from the scan results any records including the unique identifier of any suppressed AP. For example, if the mobile station maintains a list of MAC addresses of suppressed APs, the mobile station can compare at 2318 the MAC addresses in the records to the MAC addresses in the list.
  • processing the filtered scan results may include automatically selecting a target AP from the filtered scan results without user intervention.
  • processing the filtered scan results may include displaying, via a display of the mobile station, a list of available networks gleaned from the filtered scan results, so that a user of the mobile station can select a target AP from the displayed list.
  • the filtered results of active scanning and the filtered results of passive scanning may be combined, and then processing as described above with respect to 2220 and 2320 may be performed by the mobile station on the combined results.
  • the issue of how often the mobile station filters the scan results to remove results including the unique identifier of any suppressed AP is a tradeoff between power consumption (filter more often) and responsiveness (filter less often).
  • the filtering may be done every other time the method illustrated in Fig. 22 or Fig. 23 is performed, or every third time.
  • a timer may be used to determine how often to filter the scan results.
  • the scan results may be filtered every five minutes.
  • Fig. 24 is a flowchart illustrating an example method to be performed by a mobile station, for example, any one of mobile stations 106, 116 and 136, for suppressing or banning a target access point according to a number of times the authentication process has failed for the target access point.
  • the example method may be the action taken by the mobile station at 238 in the example method illustrated in Fig. 2 in reaction to failure to connect with a target AP or in reaction to receipt of a decryption error message from the target AP.
  • the example method is applicable in the situation where the mobile station has been configured to react to receipt of a decryption error message from a target AP or to failure -due to any cause, or only due to invalid credentials, or only due to a cause other than invalid credentials-of an attempt to connect with a target AP by suppressing the target AP, as checked by the mobile station at 2402.
  • the mobile station will ban rather than suppress the target AP if the attempts to connect have failed too many times for the target AP.
  • a counter for a target AP is started upon the first instance of initiating an attempt to connect with the target AP.
  • the counter is re-started when an attempt to connect with the target AP has succeeded.
  • the mobile station increments the counter for the target AP, regardless of the cause for the failure of the attempt to connect with the target AP.
  • the mobile station If the counter does not exceed a threshold, as checked at 2406 by the mobile station, the mobile station suppresses the target AP at 2408. If the counter exceeds the threshold, the mobile station un-suppresses the target AP and bans the target AP at 2410.
  • a problem with an authentication server may lead to an authentication timeout. If a subsequent attempt by the mobile station to authenticate with the target AP involves the redirection of the authentication request to a different authentication server, the subsequent attempt may succeed. Therefore, in a modified version of the method illustrated in Fig. 24 , the mobile station increments the counter for the target AP only if the cause for failure of the attempt to connect to the target AP is invalid credentials, and does not ban or suppress the target AP if the cause for failure is other than invalid credentials.
  • Fig. 25 is a flowchart illustrating an example of a method for active scanning that takes into account whether an access point is suppressed or banned, the method to be performed by a mobile station, for example, any one of mobile stations 106, 116 and 136. Variations on how active scanning is conducted by the mobile station are also contemplated, and the method illustrated in Fig. 25 is merely one example.
  • Fig. 25 The method illustrated in Fig. 25 is similar to the methods illustrated in Fig. 18 and Fig. 22 , as indicated by the repeated use of reference numerals used in Fig. 18 and Fig. 22 .
  • the description of Fig. 18 and Fig. 22 with respect to those reference numerals is applicable also to the method illustrated in Fig. 25 , except as noted below.
  • the mobile station filters the scan results of the active scanning at 1819 to remove from the scan results any records including the unique identifier of any banned AP, and the mobile station occasionally filters the scan results of the active scanning at 2219 to remove from the scan results any records including the unique identifier of any suppressed AP.
  • processing the filtered scan results may include automatically selecting a target AP from the filtered scan results without user intervention.
  • processing the filtered scan results may include displaying, via a display of the mobile station, a list of available networks gleaned from the filtered scan results, so that a user of the mobile station can select a target AP from the displayed list.
  • Fig. 26 is a flowchart illustrating an example of a method for passive scanning that takes into account whether an access point is suppressed or banned, the method to be performed by a mobile station, for example, any one of mobile stations 106, 116 and 136. Variations on how passive scanning is conducted by the mobile station are also contemplated, and the method illustrated in Fig. 26 is merely one example.
  • Fig. 26 The method illustrated in Fig. 26 is similar to the methods illustrated in Fig. 19 and Fig. 23 , as indicated by the repeated use of reference numerals used in Fig. 19 and Fig. 23 .
  • the description of Fig. 19 and Fig. 23 with respect to those reference numerals is applicable also to the method illustrated in Fig. 26 , except as noted below.
  • the mobile station filters the scan results of the passive scanning at 1918 to remove from the scan results any records including the unique identifier of any banned AP, and the mobile station occasionally filters the scan results of the passive scanning at 2318 to remove from the scan results any records including the unique identifier of any suppressed AP.
  • processing the filtered scan results may include automatically selecting a target AP from the filtered scan results without user intervention.
  • processing the filtered scan results may include displaying, via a display of the mobile station, a list of available networks gleaned from the filtered scan results, so that a user of the mobile station can select a target AP from the displayed list.
  • the filtered results of active scanning and the filtered results of passive scanning may be combined, and then processing as described above with respect to 2520 and 2620 may be performed by the mobile station on the combined results.
  • Fig. 27 is a functional block diagram illustration of an example mobile station, which can be considered an example of any one of mobile stations 106, 116 and 136.
  • the example mobile station generally referenced 20, comprises a processor 22, a memory 24, a display 26, one or more user input elements 28, one or more timers 29, and a WLAN communication interface 30.
  • a non-exhaustive list of examples for user input elements 28 includes a keypad, a keyboard, a trackball, and a thumbwheel.
  • Some mobile stations use a touchscreen, which functions both as display 26 and as one of the user input elements 28.
  • WLAN communication interface 30 comprises a baseband processor 32 coupled to a radio 34, which in turn is coupled to an antenna 36.
  • a battery 40 supplies power to the components of mobile station 20.
  • Battery 40 is typically removable from mobile station 20.
  • Mobile station 20 also comprises a power interface 42, for example, a universal serial bus (USB) interface connection or an AC/DC adapter, which enables battery 40 to be recharged from an external power source.
  • a power interface 42 for example, a universal serial bus (USB) interface connection or an AC/DC adapter, which enables battery 40 to be recharged from an external power source.
  • USB universal serial bus
  • Mobile station 20 may comprise additional components, circuitry and functionality which, for clarity, have not been illustrated in Fig. 27 .
  • Memory 24 is coupled to processor 22 and comprises volatile memory and nonvolatile memory. Portions of memory 24 may be internal to processor 22. Memory 24 stores applications executable by processor 22, including, for example, a system management application 50, a wireless connection setup application 52, a connection profile management application 54, and a WLAN communication interface driver 56. Memory 24 also stores data files used by the applications, including, for example, one or more connection profiles 58.
  • memory 24 may optionally store a list 59 of banned connection profiles.
  • a banned connection profile may be identified in list 59 by its network name.
  • memory 24 may optionally store a list 60 of banned APs.
  • a banned AP may be identified in list 60 by its unique identifier, for example, by its MAC address.
  • memory 24 may optionally store a list 62 of suppressed APs.
  • a suppressed AP may be identified in list 62 by its unique identifier, for example, by its MAC address.
  • Memory 24 may store an indication 64 of the type of WLAN deployment determined by mobile station 20 for a particular target AP.
  • Indication 64 may be stored by mobile station 20 in response to mobile station 20 having determined the type of WLAN deployment to which a target AP belongs, for example, as at 302 of Fig. 3 or, for example, as in any one or any combination of the methods illustrated in Figs. 4-1 , 4-2 , 4-3 , 4-4 , 4-5 , 4-6 and 4-7 .
  • memory 24 may optionally store an indication 66 of whether roaming scans are enabled or disabled. For example, when set to a first value, indication 66 may indicate that roaming scans are enabled, and when set to a second value different from the first value, indication 66 may indicate that roaming scans are disabled.
  • memory 24 may optionally store an indication 68 of how mobile station 20 is to react.
  • Indication 68 may be set, for example, by mobile station 20 in accordance with any one of the methods illustrated in Figs. 6-1, 6-2 , 7-1, 7-2 , 8-1 and 8-2 .
  • Methods described in this document may be implemented by way of computer instructions to be executed by processor 22 or processor 32.
  • scanning is implemented by processor 32 under the control of WLAN communication interface driver 56.
  • Profile management application 54 may be used to enable the editing of connection profiles 58.
  • Wireless connection setup application 52 may be used to enable the creation of connection profiles 52 and to guide a user of mobile station through the process of scanning and connecting to a WLAN, including, for example, generating a list of available WLANs to be displayed via display 26.
  • connection profiles 58 include a field which is set to a first value if the connection profile is not banned and set to a second value if the connection profile is banned, then the setting of that field may be implemented as computer instructions in profile management application 54.
  • the banning and un-banning of access points may be implemented as computer instructions in WLAN communication interface driver 56, and the generation of a notification regarding invalid credentials may be implemented as computer instructions in wireless connection setup application 52.
  • the suppressing and un-suppressing of access points may be implemented as computer instructions in WLAN communication interface driver 56, and the generation of a notification regarding invalid credentials may be implemented as computer instructions in wireless connection setup application 52.
  • Computer program instructions may also be stored in a physical computer-readable medium that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable medium produce an article of manufacture including instruction means which implement the functions or actions specified in the flowchart illustration and/or block diagram block or blocks.
  • Computer programs implementing the techniques described in this document can be distributed to users on a distribution medium such as a floppy disk, CD-ROM, or DVD, or may be downloaded over a network such as the Internet using FTP, HTTP, or other suitable protocols. From there, they will often be copied to a hard disk or a similar intermediate storage medium.
  • Each block of the flowchart illustrations and/or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s).
  • the functions noted in the block may occur out of the order noted in the figures.
  • two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending on the functionality involved.
  • Each block of the flowchart illustration and/or block diagrams, and combinations of blocks in the flowchart illustrations and/or block diagrams can be implemented by special purpose hardware-based systems that perform the specified functions or actions, or by combinations of special purpose hardware and computer instructions.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Claims (15)

  1. Procédé effectué par une station mobile (20, 106, 116, 136), le procédé comprenant :
    la détermination de si un point d'accès (102, 108, 110, 112, 118, 120, 122, 124, 126, 128) appartient à un déploiement de réseau local sans fil « WLAN » de type société/entreprise ou à un déploiement WLAN de type petit bureau/bureau à la maison « SOHO », le point d'accès ayant été sélectionné par la station mobile à partir de résultats d'un balayage de découverte (202) pour une tentative de connexion ;
    en réponse à la détermination que le point d'accès appartient à un déploiement WLAN de type société/entreprise, la configuration (306) de la station mobile dans une première configuration ; et
    en réponse à la détermination que le point d'accès appartient à un déploiement WLAN de type SOHO, la configuration (316) de la station mobile dans une seconde configuration qui diffère de la première configuration.
  2. Procédé selon la revendication 1, dans lequel la détermination de si le point d'accès appartient à un déploiement WLAN de type société/entreprise ou à un déploiement WLAN de type SOHO comprend :
    la détermination (416) que le point d'accès appartient à un déploiement WLAN de type SOHO où un type de sécurité du point d'accès, discernable à partir des résultats du balayage de découverte, indique aucune sécurité ; et/ou
    la détermination (430) que le point d'accès appartient à un déploiement WLAN de type société/entreprise où une trame de gestion en provenance du point d'accès dans les résultats du balayage de découverte indique que le point d'accès est activé pour des Extensions Compatibles Cisco « CCX » ; et/ou
    la détermination (434) que le point d'accès appartient à un déploiement WLAN de type société/entreprise où une trame de balise ou une réponse de sonde ou une réponse d'association ou une réponse de réassociation en provenance du point d'accès dans les résultats du balayage de découverte indique que le point d'accès supporte des Rapports de Voisins ; et/ou
    la détermination (438) que le point d'accès appartient à un déploiement WLAN de type société/entreprise où une trame de balise ou une réponse de sonde en provenance du point d'accès dans les résultats du balayage de découverte indique que le point d'accès supporte une pré-authentification d'Accès Protégé Wi-Fi.
  3. Procédé selon la revendication 1 ou la revendication 2, dans lequel la détermination de si le point d'accès appartient à un déploiement WLAN de type société/entreprise ou à un déploiement WLAN de type SOHO comprend :
    la détermination (426) que le point d'accès appartient à un déploiement WLAN de type SOHO où une adresse de contrôle d'accès au support « MAC » du point d'accès, discernable à partir des résultats du balayage de découverte, indique que le point d'accès est fabriqué ou vendu par une organisation qui fabrique ou vend des points d'accès uniquement pour le déploiement WLAN de type SOHO ; et
    la détermination (422) que le point d'accès appartient à un déploiement WLAN de type société/entreprise où l'adresse MAC du point d'accès indique que le point d'accès est fabriqué ou vendu par une organisation qui fabrique ou vend des points d'accès uniquement pour le déploiement WLAN de type société/entreprise.
  4. Procédé selon l'une quelconque des revendications 1 à 3, dans lequel la détermination de si le point d'accès appartient à un déploiement WLAN de type société/entreprise ou à un déploiement WLAN de type SOHO comprend :
    la détermination (442) que le point d'accès appartient à un déploiement WLAN de type SOHO où un profil de connexion stocké dans la station mobile qui correspond au point d'accès inclut une indication que le profil est pour le déploiement WLAN de type SOHO ; et
    la détermination (442) que le point d'accès appartient à un déploiement WLAN de type société/entreprise où le profil de connexion inclut une indication que le profil est pour le déploiement WLAN de type société/entreprise.
  5. Procédé selon l'une quelconque des revendications 1 à 4, dans lequel plus d'un point d'accès est identifiable à partir des résultats du balayage de découverte, et dans lequel la détermination de si le point d'accès appartient à un déploiement WLAN de type société/entreprise ou à un déploiement WLAN de type SOHO comprend :
    la détermination (410) que le point d'accès appartient à un déploiement WLAN de type SOHO où aucun des autres points d'accès identifiés à partir des résultats du balayage de découverte n'a exactement les mêmes caractéristiques - autres que l'adresse de contrôle d'accès au support « MAC » - que le point d'accès, les caractéristiques étant discernables à partir de trames de gestion dans les résultats du balayage de découverte ; et
    la détermination (412) que le point d'accès appartient à un déploiement WLAN de type société/entreprise où au moins un des autres points d'accès identifiés à partir des résultats du balayage de découverte a exactement les mêmes caractéristiques - autres que l'adresse MAC - que le point d'accès.
  6. Procédé selon l'une quelconque des revendications 1 à 5, comprenant en outre :
    comme partie d'un processus d'acquisition d'adresse de Protocole Internet « IP » dynamique, la réception en provenance d'un serveur de protocole de configuration d'hôte dynamique « DHCP » d'un message d'offre incluant une adresse IP offerte,
    dans lequel la détermination de si le point d'accès appartient à un déploiement WLAN de type société/entreprise ou à un déploiement WLAN de type SOHO comprend :
    la détermination (454) que le point d'accès appartient à un déploiement WLAN de type SOHO où une adresse de contrôle d'accès au support (MAC) source dans le message d'offre est identique à une adresse MAC du point d'accès, qui est discernable à partir des résultats du balayage de découverte, et la détermination (456) que le point d'accès appartient à un déploiement WLAN de type société/entreprise où l'adresse MAC source dans le paquet d'offre en provenance du serveur DHCP n'est pas identique à l'adresse MAC du point d'accès ;
    et/ou
    la détermination (464) que le point d'accès appartient à un déploiement WLAN de type SOHO où l'adresse IP offerte est de la forme 192.168.X.X, et la détermination (466) que le point d'accès appartient à un déploiement WLAN de type société/entreprise où l'adresse IP offerte n'est pas de la forme 192.168.X.X.
  7. Procédé selon l'une quelconque des revendications 1 à 6, dans lequel la configuration de la station mobile dans la première configuration comprend l'activation (506) de balayages d'itinérance et la configuration de la station mobile dans la seconde configuration comprend la désactivation (516) de balayages d'itinérance.
  8. Procédé selon l'une quelconque des revendications 1 à 7, dans lequel la configuration de la station mobile dans la première configuration comprend :
    la configuration (606) de la station mobile pour réagir à la réception d'un message d'erreur de déchiffrement en provenance du point d'accès ou à l'échec d'une tentative de connexion au point d'accès en bannissant un profil de connexion éditable stocké dans la station mobile qui correspond au point d'accès, le profil de connexion éditable incluant un nom de réseau.
  9. Procédé selon la revendication 8, comprenant en outre :
    la tentative de connexion au point d'accès, incluant la transmission d'une manière recevable par le point d'accès de paramètres à partir du profil de connexion éditable ;
    la détermination que la tentative a échoué ou la réception du message d'erreur de déchiffrement en provenance du point d'accès et le bannissement conséquent du profil de connexion éditable ;
    si un quelconque balayage actif pour des réseaux locaux sans fil - autre que le balayage actif effectué comme partie d'un quelconque balayage de découverte - est effectué par la station mobile alors que le profil de connexion éditable est bannis, l'exclusion du profil de connexion éditable du balayage actif ; et
    si un quelconque balayage passif pour des réseaux locaux sans fil - autre que le balayage passif effectué comme partie d'un quelconque balayage de découverte - est effectué par la station mobile alors que le profil de connexion éditable est bannis, la suppression à partir de résultats du balayage passif de tous enregistrements incluant le nom de réseau.
  10. Procédé selon l'une quelconque des revendications 1 à 7, dans lequel la configuration de la station mobile dans la première configuration comprend :
    la configuration (606) de la station mobile pour réagir à la réception d'un message d'erreur de déchiffrement en provenance du point d'accès ou à l'échec d'une tentative de connexion au point d'accès en réduisant une priorité d'un profil de connexion stocké dans la station mobile qui correspond au point d'accès.
  11. Procédé selon l'une quelconque des revendications 1 à 10, dans lequel la configuration de la station mobile dans la seconde configuration comprend :
    la configuration (616) de la station mobile pour réagir à la réception d'un message d'erreur de déchiffrement en provenance du point d'accès ou à l'échec d'une tentative de connexion au point d'accès en bannissant le point d'accès.
  12. Procédé selon la revendication 11, comprenant en outre :
    la tentative de connexion au point d'accès ;
    la détermination que la tentative a échoué ou la réception du message d'erreur de déchiffrement en provenance du point d'accès et le bannissement conséquent du point d'accès ; et
    le fait de s'abstenir de transmettre toutes communications adressées à un identificateur unique du point d'accès alors que le point d'accès est bannis.
  13. Procédé selon l'une quelconque des revendications 1 à 10, dans lequel la configuration de la station mobile dans la seconde configuration comprend :
    la configuration (716) de la station mobile pour réagir à la réception d'un message d'erreur de déchiffrement en provenance du point d'accès ou à l'échec d'une tentative de connexion au point d'accès en supprimant le point d'accès.
  14. Procédé selon la revendication 13, comprenant en outre :
    la tentative de connexion au point d'accès ;
    la détermination que la tentative a échoué ou la réception du message d'erreur de déchiffrement en provenance du point d'accès et la suppression conséquente du point d'accès ;
    à certaines occasions où le point d'accès est supprimé, le fait de s'abstenir de transmettre toutes communications adressées à l'identificateur unique ; et
    à d'autres occasions où le point d'accès est supprimé, le fait de permettre la transmission de communications adressées à l'identificateur unique.
  15. Station mobile (20, 106, 116, 136) comprenant :
    un processeur (22) ;
    une mémoire (24) couplée au processeur ; et
    une interface de communication de réseau local sans fil « WLAN » (30) couplée au processeur,
    caractérisée en ce que la station mobile est fonctionnelle pour effectuer le procédé de l'une quelconque des revendications 1 à 14.
EP11161792.4A 2011-04-08 2011-04-08 Configuration d'une station mobile selon le type de déploiement de réseau local sans fil Active EP2509367B1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
EP11161792.4A EP2509367B1 (fr) 2011-04-08 2011-04-08 Configuration d'une station mobile selon le type de déploiement de réseau local sans fil
EP15200114.5A EP3018940B1 (fr) 2011-04-08 2011-04-08 Configuration d'une station mobile selon le type de déploiement de réseau local sans fil

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
EP11161792.4A EP2509367B1 (fr) 2011-04-08 2011-04-08 Configuration d'une station mobile selon le type de déploiement de réseau local sans fil

Related Child Applications (1)

Application Number Title Priority Date Filing Date
EP15200114.5A Division EP3018940B1 (fr) 2011-04-08 2011-04-08 Configuration d'une station mobile selon le type de déploiement de réseau local sans fil

Publications (2)

Publication Number Publication Date
EP2509367A1 EP2509367A1 (fr) 2012-10-10
EP2509367B1 true EP2509367B1 (fr) 2015-12-16

Family

ID=44202041

Family Applications (2)

Application Number Title Priority Date Filing Date
EP15200114.5A Active EP3018940B1 (fr) 2011-04-08 2011-04-08 Configuration d'une station mobile selon le type de déploiement de réseau local sans fil
EP11161792.4A Active EP2509367B1 (fr) 2011-04-08 2011-04-08 Configuration d'une station mobile selon le type de déploiement de réseau local sans fil

Family Applications Before (1)

Application Number Title Priority Date Filing Date
EP15200114.5A Active EP3018940B1 (fr) 2011-04-08 2011-04-08 Configuration d'une station mobile selon le type de déploiement de réseau local sans fil

Country Status (1)

Country Link
EP (2) EP3018940B1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109756882A (zh) * 2017-11-03 2019-05-14 中国电信股份有限公司 通信方法、系统、smsr以及计算机可读存储介质

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR102060373B1 (ko) 2013-02-21 2019-12-30 삼성전자주식회사 단말기의 근거리 무선통신 연결방법 및 장치
US10237188B2 (en) * 2016-01-15 2019-03-19 Qualcomm Incorporated Regulating responses based on request addressing or request channels
CN106804055B (zh) 2017-02-20 2019-05-28 Oppo广东移动通信有限公司 一种无线保真Wi-Fi连接方法及移动终端
CN109327887B (zh) * 2018-10-24 2020-02-21 百度在线网络技术(北京)有限公司 用于生成信息的方法和装置

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FI120478B (fi) * 2000-02-24 2009-10-30 Nokia Corp Menetelmä ja laitteisto tietoliikenneverkkoon liittymiseksi
US7389122B2 (en) * 2004-12-17 2008-06-17 Intel Corporation Method and apparatus to provide a continuous useable wireless network connection
WO2008061347A1 (fr) 2006-11-21 2008-05-29 Research In Motion Limited Affichage d'une liste de réseaux locaux sans fil disponibles
DE602007008531D1 (de) * 2007-05-08 2010-09-30 Research In Motion Ltd Verfahren, tragbares Kommunikationsgerät und computerlesbarer Datenträger zum Verwalten von Verbindungen für von einer Kommunikationsvorrichtung verwendete Netze
US20090022076A1 (en) 2007-07-17 2009-01-22 Necati Canpolat Network type assisted wlan network selection
US8695063B2 (en) * 2009-10-11 2014-04-08 Blackberry Limited Authentication failure in a wireless local area network

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109756882A (zh) * 2017-11-03 2019-05-14 中国电信股份有限公司 通信方法、系统、smsr以及计算机可读存储介质

Also Published As

Publication number Publication date
EP2509367A1 (fr) 2012-10-10
EP3018940B1 (fr) 2017-10-18
EP3018940A1 (fr) 2016-05-11

Similar Documents

Publication Publication Date Title
US8699379B2 (en) Configuring mobile station according to type of wireless local area network (WLAN) deployment
US8881238B2 (en) Authentication failure in a wireless local area network
US9030985B2 (en) Handling mismatch of cryptographic keys and related battery drain and communication exchange failures
US9730252B2 (en) Quick connection between customized softap and STA
US7650411B2 (en) Method and system for secure management and communication utilizing configuration network setup in a WLAN
US10063417B2 (en) Automatically grouping, authenticating, and provisioning access points using cloud-based management of WLAN infrastructure
US20170064760A1 (en) Assisted wireless connection setup
US8732798B2 (en) Automatic disabling of enabled connection profile for wireless network
EP2509367B1 (fr) Configuration d'une station mobile selon le type de déploiement de réseau local sans fil
CA2736346C (fr) Configuration d'une station mobile selon le type de reseau sans fil local (wlan) deploye
US20230130053A1 (en) Systems and methods for virtual personal wi-fi network
US9775181B2 (en) Reducing re-association time for STA connected to AP
CA2783127C (fr) Dispositif de desactivation automatique d'un profil de connexion active pour reseau sans fil
EP4445634A1 (fr) Gestion de connexion client sensible au mode de sécurité

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20110408

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

AX Request for extension of the european patent

Extension state: BA ME

RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: BLACKBERRY LIMITED

RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: BLACKBERRY LIMITED

RIC1 Information provided on ipc code assigned before grant

Ipc: H04W 8/18 20090101ALN20150417BHEP

Ipc: H04W 48/16 20090101AFI20150417BHEP

GRAP Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOSNIGR1

INTG Intention to grant announced

Effective date: 20150625

RIN1 Information on inventor provided before grant (corrected)

Inventor name: KHOLAIF, AHMAD MOHAMMAD MOHAMMAD

Inventor name: BARBU, ION

Inventor name: BAKTHAVATHSALU, KRISHNA KUMAR

Inventor name: MENDAHAWI, NAYEF FAWAZ

GRAS Grant fee paid

Free format text: ORIGINAL CODE: EPIDOSNIGR3

GRAA (expected) grant

Free format text: ORIGINAL CODE: 0009210

AK Designated contracting states

Kind code of ref document: B1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

REG Reference to a national code

Ref country code: GB

Ref legal event code: FG4D

REG Reference to a national code

Ref country code: CH

Ref legal event code: EP

REG Reference to a national code

Ref country code: IE

Ref legal event code: FG4D

REG Reference to a national code

Ref country code: AT

Ref legal event code: REF

Ref document number: 766066

Country of ref document: AT

Kind code of ref document: T

Effective date: 20160115

REG Reference to a national code

Ref country code: DE

Ref legal event code: R096

Ref document number: 602011021976

Country of ref document: DE

REG Reference to a national code

Ref country code: NL

Ref legal event code: MP

Effective date: 20151216

REG Reference to a national code

Ref country code: LT

Ref legal event code: MG4D

Ref country code: FR

Ref legal event code: PLFP

Year of fee payment: 6

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: NO

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160316

Ref country code: HR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20151216

Ref country code: LT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20151216

REG Reference to a national code

Ref country code: AT

Ref legal event code: MK05

Ref document number: 766066

Country of ref document: AT

Kind code of ref document: T

Effective date: 20151216

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: SE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20151216

Ref country code: RS

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20151216

Ref country code: LV

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20151216

Ref country code: FI

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20151216

Ref country code: NL

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20151216

Ref country code: GR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160317

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: ES

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20151216

Ref country code: IT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20151216

Ref country code: CZ

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20151216

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: AT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20151216

Ref country code: EE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20151216

Ref country code: IS

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160416

Ref country code: SM

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20151216

Ref country code: SK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20151216

Ref country code: RO

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20151216

Ref country code: PT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160418

Ref country code: BE

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20160430

REG Reference to a national code

Ref country code: DE

Ref legal event code: R097

Ref document number: 602011021976

Country of ref document: DE

PLBE No opposition filed within time limit

Free format text: ORIGINAL CODE: 0009261

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: NO OPPOSITION FILED WITHIN TIME LIMIT

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: PL

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20151216

Ref country code: DK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20151216

26N No opposition filed

Effective date: 20160919

REG Reference to a national code

Ref country code: CH

Ref legal event code: PL

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: LU

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20160408

Ref country code: BE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20151216

REG Reference to a national code

Ref country code: IE

Ref legal event code: MM4A

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: CH

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20160430

Ref country code: LI

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20160430

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: SI

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20151216

REG Reference to a national code

Ref country code: FR

Ref legal event code: PLFP

Year of fee payment: 7

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: IE

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20160408

REG Reference to a national code

Ref country code: FR

Ref legal event code: PLFP

Year of fee payment: 8

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: HU

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT; INVALID AB INITIO

Effective date: 20110408

Ref country code: CY

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20151216

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: MK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20151216

Ref country code: MC

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20151216

Ref country code: MT

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20160430

Ref country code: TR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20151216

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: BG

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20151216

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: AL

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20151216

REG Reference to a national code

Ref country code: DE

Ref legal event code: R082

Ref document number: 602011021976

Country of ref document: DE

Ref country code: DE

Ref legal event code: R081

Ref document number: 602011021976

Country of ref document: DE

Owner name: MALIKIE INNOVATIONS LTD., IE

Free format text: FORMER OWNER: BLACKBERRY LIMITED, WATERLOO, ONTARIO, CA

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: GB

Payment date: 20240423

Year of fee payment: 14

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: DE

Payment date: 20240429

Year of fee payment: 14

REG Reference to a national code

Ref country code: GB

Ref legal event code: 732E

Free format text: REGISTERED BETWEEN 20240620 AND 20240627

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: FR

Payment date: 20240430

Year of fee payment: 14